iptables dropping legitimate packets?
bms at zoominternet.net
Tue Mar 1 02:51:57 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
On Thursday 24 February 2005 22:30, Ian P. Thomas wrote:
> > >>-A RH-Firewall-1-INPUT -j LOG -d 192.168.0.5 --log-prefix "iptables: "
> > >>-A RH-Firewall-1-INPUT -j DROP
> > >>COMMIT
> The packets are dropped because they have a destination IP of
> 192.168.0.5 and are not being seen as being associated with an
> ESTABLISHED connection. If your outbound services, POP and web
> browsing, are operating in a sufficient manner, then I wouldn't worry
> about the dropped packets.
The packets are not being dropped because they have a destination addresses of
192.168.0.5. They are only being logged by the second to last rule. The
last rule is dropping everything that reaches it. Doesn't matter what ip
address it has or port it is going to.
Smile... it increases your face value!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the users